From 3b040fac09eb158caf963d7c956610f99f8e0c17 Mon Sep 17 00:00:00 2001
From: Johannes Stoelp <johannes.stoelp@gmail.com>
Date: Mon, 5 Dec 2022 21:42:17 +0100
Subject: initial ansible setup

---
 roles/sshd/tasks/main.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 roles/sshd/tasks/main.yml

(limited to 'roles/sshd/tasks/main.yml')

diff --git a/roles/sshd/tasks/main.yml b/roles/sshd/tasks/main.yml
new file mode 100644
index 0000000..c4dd9ea
--- /dev/null
+++ b/roles/sshd/tasks/main.yml
@@ -0,0 +1,13 @@
+---
+- name: Configure sshd
+  become: True
+  lineinfile:
+    dest: "/etc/ssh/sshd_config"
+    regexp: "{{ item.regex }}"
+    line: "{{ item.line }}"
+  notify: Restart sshd
+  loop:
+    - { regex: '^(#\s*)?PermitEmptyPasswords'  , line: 'PermitEmptyPasswords no' }
+    - { regex: '^(#\s*)?PermitRootLogin'       , line: 'PermitRootLogin no' }
+    - { regex: '^(#\s*)?PasswordAuthentication', line: 'PasswordAuthentication no' }
+    - { regex: '^(#\s*)?UsePAM'                , line: 'UsePAM yes' }
\ No newline at end of file
-- 
cgit v1.2.3